Analysis
-
max time kernel
141s -
max time network
147s -
platform
windows7_x64 -
resource
win7-20230712-en -
resource tags
arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system -
submitted
15-08-2023 15:09
Static task
static1
Behavioral task
behavioral1
Sample
04eda95779ded417ce8c151a83ce783f2369df3e660caf7ba3a09fb0310352f4_JC.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
04eda95779ded417ce8c151a83ce783f2369df3e660caf7ba3a09fb0310352f4_JC.exe
Resource
win10v2004-20230703-en
General
-
Target
04eda95779ded417ce8c151a83ce783f2369df3e660caf7ba3a09fb0310352f4_JC.exe
-
Size
343KB
-
MD5
c4ddd8bb189f2874fd7a9369ece35c92
-
SHA1
e53e275bbe5b1347b81e98f55d5f5e4928e005a8
-
SHA256
04eda95779ded417ce8c151a83ce783f2369df3e660caf7ba3a09fb0310352f4
-
SHA512
05ecde33d466ed86c562f3a6ef0db774ef8881f91ef494a24eef4f6b6e96a90c650c2d8c32711ee9528a858350461f0adf3e823577a214e83b410024cffee856
-
SSDEEP
6144:OGk39+NYmFGGF2Cx9hZs8KBUsq4eetIVz7m4:nQyYmFfv9/BKBdrdKVW4
Malware Config
Extracted
redline
LogsDiller Cloud (TG: @logsdillabot)
209.250.248.11:33522
-
auth_value
3a050df92d0cf082b2cdaf87863616be
Signatures
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.